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The MAILING DATE of this communication appears on the cover sheet with the correspondence address — 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 



- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). tn no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S. C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 



3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-45 is/are pending in the application. 

4a) Of the above claim(s) 1.12.15 and 25 is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) IEI Claim(s) 2-11, 13. 14, 16-24 and 26-45 is/are rejected. 

7) Q Claim(s) is/are objected to. 

8) 0 Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) Q The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

1 2) Q Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 1 9(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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1)13 
2a)IEI 



Responsive to communication(s) filed on 14 June 2005 . 

This action is FINAL. 2b)D This action is non-final. 
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DETAILED ACTION 
Response to Amendment 

1 . This action is in response to the communication dated June 14, 2005 with the 
amendments to claims 10, 33, 36, 38, 40 and 43-45, and the cancellation of claims 1 , 
12, 15 and 25. 

Response to Arguments 

2. Applicant's arguments with respect to claims 2-1 1 , 13-14, 16-24 and 26-45 have 
been fully considered but are moot in view of the new ground(s) of rejection. Applicant's 
arguments focus on the combination of features introduced by the amendment with 
elements that already existed in the claims. The new material is rendered obvious by 
Brendel (6,772,333), Gregget al. (6,516,416), Scheiner (Applied Cryptography) and 
Johnson et al. (5,923,885). 

Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 
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4. Claims 13-14, 23, 26-32, 34-41 and 44-45 are rejected under 35 U.S.C. 102(e) 
as being anticipated by Brendel (6,772,333). 

a) As to claims 36 and 39-40, Brendel discloses a system and method for 
load balancing among servers when both clear text and encrypted sessions in e- 
Commerce web sites from one client are assigned to a same server (col. 13, lines 9-18) 
comprising a) a browser on the first computing device providing a Web page to a user 
(i.e. clients interact with servers over the Internet via web browsers and web servers, 
col. 1 , lines 13-23), the Web page comprising at least first and second input fields for 
input from the user and at least a first presentation field associated with the at least first 
(i.e. credit card) and second (i.e. purchased items) input fields (col. 10, lines 21-34); b) a 
program on the first computing device receiving a message from the user (col. 1 1 , lines 
46-47), wherein the message comprises at least a first and a second datum input by the 
user into the at least first and second input fields, respectively, of the Web page, 
wherein the first datum (i.e. credit card information) is confidential to the user and the 
second datum (i.e. purchased items) is non-confidential to the user; c) the program 
identifying that the first datum is confidential and the second datum is non-confidential 
(i.e. acknowledging that only financial information such as credit card information may 
be encrypted, col. 1 lines 37-42); d) the first computing device communicating to the 
second computing device over an untrusted network, the first datum with encryption and 
e) the first computing device communicating to the second computing device over the 
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untrusted network, the second datum without encryption wherein steps (d) and (e) occur 
at least substantially simultaneously (col. 1, lines 53-58). 

b) As to claims 44 and 45, Brendel discloses a system and method for load 
balancing among servers when both clear text and encrypted sessions in e-Commerce 
web sites from one dient are assigned to a same server (col. 13, lines 9-18) comprising 
at a first computing device, receiving input information from a Web page displayed to a 
user (i.e. clients interact with servers over the Internet via web browsers and web 
servers, col. 1, lines 13-23), the input information comprising at least first (i.e. credit 
card number) and second datum (i.e. purchased items) corresponding respectively to at 
least first and second user input fields (col. 10, lines 21-34); at the first computing 
device, a program determining which of the at least first and second user input fields 
contains confidential information (col. 1 1 , lines 46-47), wherein the first datum is 
confidential to the user and the second datum is not confidential to the user (i.e. the 
determination is made by encrypting the confidential data, credit card number, and not 
encrypting non-confidential data, purchased items. This determination also reflects on 
acknowledging that the load on the server machine can be reduced by limiting the 
amount of data that is encrypted before being sent over the Internet, col. 1, lines 35-37); 
the first computing device communicating the first datum of the message to a second 
computing device with encryption of the first datum and the first computing device 
communicating the second datum of the message over an untrusted network to the 
second computing device without encryption of the second datum (col. 1, lines 53-58). 



Application/Control Number: 09/435,736 Page 5 

Art Unit: 2137 

c) As to claims 1 3-14 and 26-27, Brendel discloses the step for the first 
computing device to communicate the encrypted and non-encrypted data with the 
second computing device through the Web browsers in which the credit card number is 
encrypted and purchased items are non-encrypted (col. 10, lines 21-34). 

d) As to claim 23, Brendel discloses the second computing device employs 
the procedure to encrypt the first datum for communication of the first datum of the 
message from the second computing device to the first computing device (col. 10, lines 
32-34). 

e) As to claim 28, it has the same limitations as claim 44, further the 
computer readable program code reads on any matter for carrying software. 

f) As to claim 29, Brendel discloses the method wherein the first datum is 
confidential information to a user (i.e. credit card number, col. 10, lines 32-34) and the 
second datum is non-confidential information to the user (i.e. purchased items, col. 10, 
lines 23-30). 

g) As to claims 30 and 34, Brendel discloses the method further comprising: 

i) receiving the message from a user, the message comprising a 
plurality of input fields (i.e. web pages for selecting product for purchase and for 
entering the credit card information, col. 10, lines 21-34). 

ii) determining each input field comprising confidential information to 
the user and each input field comprising non-confidential information to the user, 
wherein the first datum (i.e. credit card number) is confidential information and the 
second datum (i.e. purchased items) is non-confidential information (col. 1, lines 37-42). 
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h) As to claims 31 and 41 , Brendel discloses the method wherein the 
communicating steps occur at least substantially simultaneously (col. 1 , lines col. 1 , 
lines 53-58). 

i) As to claims 32 and 35, Brendel discloses the method wherein the 
communicating steps comprise: 

i) encrypting the information in each of the input fields identified as 
comprising confidential information (col. 1, lines 53-56). 

ii) not encrypting the information in each of the input fields identified 
as comprising non-confidential information (col. 1, lines 56-58). 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

6. Claims 2-7, 11, 16-20, 24, 37 and 42 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Brendel (6,772,333) in view of Gregg et al. (6,516,416). 

a) As to claims 2, 16, 37 and 42, Gregg discloses the step of communicating 
the first datum of the message with encryption of the first datum and the step of 
communicating the second datum of the message without encryption of the second 
datum comprise the step of communicating the first datum with encryption and the 
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second datum without encryption in a same packet that comprises the message (Fig. 2, 
element 3). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ the use of communicating the encrypted first datum and un- 
encrypted second datum in a same packet in the system of Brendel, as Gregg teaches 
so as to effectively transmit communication data. 

b) As to claims 3 and 1 7, Gregg discloses the step of communicating the first 
datum of the message with encryption of the first datum and the step of communicating 
the second datum of the message without encryption of the second datum comprise the 
steps of communicating the first datum with encryption in a first packet of the message 
and communicating the second datum without encryption in a second packet of the 
message different from the first packet of the message (Fig. 18, element 150; col. 17, 
lines 42-45). 

c) As to claims 4-5, 11, 18-19 and 24, Gregg indicates the same path 
comprising TCP/IP passage (col. 5, lines 56-61) is used for encrypted and non- 
encrypted data communications between first computing device and the second 
computing device. Moreover the system is designed to use the interactive model of the 
WWW for client server transactions on the Internet (Abstract ). 

d) As to claims 6, 7 and 20, Gregg shows password and digital ID are 
encrypted by a key (col. 17, lines 32-34) and the key is communicated from the second 
computing device to the first computing device (col. 17, lines 32-35). 
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7. Claims 8-9 and 21-22 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Brendel (6,772,333) in view of Schneier (Applied cryptography). 

Brendel does not disclose a second key is employed to decrypt the first datum of 
the message and the first and second key comprised a matched key to communicate 
the encrypted data. 

Schneier discloses communications using symmetric cryptography wherein the 
second key is used to decrypt the encrypted message (page 28, item (5)) and the first 
(page 28, item (3)) and second key comprised a matched key (page 28, item (5)) to 
communicate the encrypted data. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ the use of a second key to decrypt the first datum of the message 
and the first and second key comprised a matched key to communicate the encrypted 
data in the system of Brendel, as Schneier teaches so as to protect the sensitive data. 

8. Claims 10, 33, 38 and 43 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Brendel (6,772,333) in view of Johnson et al. (5,923,885). 

a) As to claims 10 and 38, Brendel discloses the web page comprises 
hypertext markup language (col. 12, lines 14-17), wherein the first datum comprises the 
credit card number (col. 10, lines 32-34), wherein the second datum comprises 
information related to a purchase by the user (col. 10, lines 23-27). 

Brendel implicitly discloses the program (col. 1, lines 37-42) is embedded in the 
Web page and is loaded (col. 12, lines col. 12, lines 18-22). 
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Johnson et al. discloses method and software for dynamically modifying 
computer interfaces so that users can access and operate software distributed across a 
computer network using software application, more particularly the applet software that 
is downloaded from the server to client (col. 6, lines 33-49; col. 11, lines 35-64). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to employ the use of embedding the program in the web page and loading the 
program on the first computing device after the Web page is received in the system of 
Brendel, as Johnson teaches so as to create dynamic Web applications. 

b) As to claims 33 and 43, please see above addressed claims 10 and 38. 

Conclusion 

9. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 



Application/Control Number: 09/435,736 



Page 10 



Art Unit: 2137 

the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Minh Dieu Nguyen whose telephone number is 571-272- 
3873. The examiner can normally be reached on M-F 6:00-2:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on 571-272-3865. The fax phone number 
for the organization where this application or proceeding is assigned is (571) 273-8300. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is 571-272- 
2100. 




Minh Dieu Nguyen. 

Examiner 

Art Unit 21 37 
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